Observra, new open source project and library gives developers, security practitioners, and platform teams a clean telemetry layer for agents.
Maidenhead, UK, July 1, 2026 – Exabeam, the leader in Behavior Intelligence for the agentic enterprise, today announced new capabilities that help security teams detect, investigate, and reduce risk from AI agents, autonomous workflows, and human-to-agent activity across modern enterprise environments.
The product release expands Exabeam Agent Behavior Analytics (ABA), Outcomes Navigator, Exabeam Nova, Threat Center and Attack Surface Insights, as well as search and data collection workflows, to help organizations secure AI adoption without slowing innovation or rebuilding their security operations stack.
AI agents are quickly becoming active participants in the enterprise. They access systems, invoke tools, interact with data, and act on behalf of users at machine speed. Agents often use approved applications, valid credentials, and authorized workflows. As a result, even risky activity can appear legitimate until their behavior is analyzed over time. Exabeam addresses this challenge with Behavior Intelligence: a security operations model that connects behavioral detection, AI-driven investigation, automation, and outcomes-based measurement.
“Organizations are rapidly moving from AI experimentation to autonomous AI agents operating across the enterprise,” said Pete Harteveld, CEO of Exabeam. “Security teams need visibility not only into human activity, but into how agents behave, interact, and make decisions. Exabeam is helping customers secure this new reality by bringing together AI visibility, behavioral analytics, and threat detection across human users, AI agents, and the systems they interact with.”
“We’re seeing more AI tools and agents show up across the business, and one of the biggest challenges is understanding how they’re actually being used,” said Andrea Licciardi, Senior Cybersecurity Manager, MAIRE and Founder of CISOs4AI. “Behavioral analytics and agent observability give us the context we need to spot unusual activity early and investigate it quickly, without slowing down AI adoption.”
With this release, Exabeam delivers new enhancements to the New-Scale Security Operations Platform across a number of key areas:
- Broader Detection Coverage: New AI and agent-related behavioral detections double total AI-focused detection coverage to 90. These detections help identify anomalous interactions between human users and AI agents as well as unauthorized autonomous agent activity, including suspicious prompt behavior, unusual tool invocation sequences, abnormal consumption patterns, unauthorized configuration changes, Denial of Wallet indicators, shadow AI activity, and other signs of misuse or compromise.
- Broader Visibility Across Enterprise AI Platforms: The release extends Exabeam visibility across major AI platforms, adding Anthropic Claude alongside OpenAI ChatGPT, Google Gemini, Microsoft Copilot, and GitHub Copilot. This helps security teams understand which AI technologies are being used, identify newly adopted tools, and monitor usage patterns across authorized services.
- Stronger OWASP-aligned coverage: Exabeam Outcomes Navigator now incorporates coverage aligned to the OWASP Top 10 for Agentic AI, giving security teams a clearer view of how their existing detections map to emerging AI risks. Customers can assess coverage across OWASP categories, identify detection gaps, and receive guidance on where additional content can strengthen their defenses, helping organizations prioritize investments and improve security outcomes as AI adoption expands.
- Accelerated Detection Engineering and Investigation: Exabeam Nova Rules Creator enables teams to create and tune correlation and New-Scale Analytics rules using natural language. It also supports conversion from Sigma rules, helping detection engineers build and refine content faster. Exabeam Nova Related Cases, available in early access, helps analysts identify potentially connected cases, surface shared entities such as IPs or hosts, and understand why cases may be related. This reduces manual triage and helps SOC teams uncover persistent or evolving threats faster.
- SOC Enhancements Improve Speed, Scale, and Resilience: The release also includes platform updates designed to improve day-to-day SOC operations:
- Phishing email ingest to collect reported phishing emails, parse original messages and attachments, and create or group cases by topic.
- Attack Surface Insights improvements for entity health, identity linking, context freshness, and rule preview testing.
- New Cloud Collectors, custom REST API context collection, Site Collector health notifications, and Log Stream enhancements to improve data onboarding, monitoring, and parser transparency.
- Dashboard authoring, biweekly reporting, and Global Search improvements to make reporting and navigation faster.
Open and Extensible Agent Telemetry and Observability
Exabeam also announces today, Observra, a new open source project and library that gives developers, security, and platform teams a clean telemetry layer for agents. It captures meaningful agent activity across major frameworks, normalizes it into consumable events, enriches it with cost, redaction, deduplication, and risk signals and routes it to any security operations platform to improve agent behavior insights across multiple open agent frameworks. The Exabeam New-Scale Platform uses the Observra project library to enhance agent observability.
Exabeam recently released Praxen as an open source project to help foster and enable Agent Behavior Verification (ABV) as an agent security best practice. Praxen helps verify that agents are properly configured, authorized, and governed before deployment. Now with open source Observra, organizations can observe agent activity by capturing and normalizing telemetry into security-ready signals. Together with Exabeam Agent Behavior Analytics (ABA), these innovations advance Behavior Intelligence as a comprehensive approach to securing the agentic enterprise, helping organizations verify, observe, analyze, and improve AI agent security across the full lifecycle.
“AI agents introduce a new security challenge because organizations need confidence both before and after deployment,” said Steve Wilson, Chief AI Officer at Exabeam and Co-Founder and Co-Chair of the OWASP Gen AI Security Project. “Organizations must verify that agents are operating within their intended roles, observe how they interact with systems and data, analyze behavior for signs of misuse or compromise, and continuously improve defenses as agents evolve.”
The release also expands LogRhythm SIEM ecosystem coverage with new and enhanced integrations across Microsoft, cloud, identity, email, and security technologies. These additions provide organizations with broader visibility across modern attack surfaces while simplifying data collection and accelerating security operations.
To learn more, visit https://www.exabeam.com/whats-new/
About Exabeam
Exabeam is the leader in Behavior Intelligence for the agentic enterprise. As organizations deploy digital workers and confront machine-speed adversaries, Exabeam applies agent-powered analytics to understand and govern the behavior of both human and non-human insiders. With integrated Exabeam Nova cybersecurity agents, Exabeam delivers flexible, industry-proven solutions for insider threat coverage of humans and agents and faster, more accurate threat detection, investigation, and response (TDIR). As the pioneer of user and entity behavior analytics (UEBA) and the innovator behind Agent Behavior Analytics (ABA), Exabeam is trusted by more than 3,000 enterprises worldwide to reduce risk, secure the digital workforce, and accelerate security operations. Learn more at www.exabeam.com.
Exabeam: Stop Insider Threats. Human or AI.
